Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Security > Advisories

September 14th, 2012, 09:15 GMT · By

Searching for Compromised UDIDs May Lead You to Malware-Laden Sites

SHARE:

Adjust text size:

Search for UDIDs brings up malicious results
Enlarge picture
Experts have started warning users whose Apple UDIDs may have ended up online as a result of the latest incident to be on the lookout for shady service and websites. Cybercriminals are taking advantage of the unfortunate event to launch their campaigns.

AntiSec hackers have stolen around 12 million UDIDs, along with some personal information. The source of the data leak might be the Federal Bureau of Investigations (FBI), or it might be a company called BlueToad.

In any case, if you suspect that your UDID might have ended up online and you want to verify this, you must be careful where you look for it.

Searching for the names of the files obtained by the hackers - NCFTA_iOS_devices_intel.csv and Rxdzz.txt – can get you on all sorts of suspicious websites. For instance, McAfee researchers have found that the first file shows up on various BitTorrent sites.

The files don’t contain the leaked information, but instead, they carry malicious elements such as Artemis!16D937DB87E4.

McAfee experts aren’t the only ones concerned with the fact that many searches for the UDIDs point to suspicious websites. Researchers from Solutionary have also issued a similar warning.

“If you want to find out if your UDID was one of the ones released, be careful. There are many scams designed to get you to enter your UDID for a search. Don’t do that,” Jon Heimerl of Solutionary wrote.

“Some of these are designed just to capture your UDID. If you really want to know, download the list and search, or find an https: link that will allow you to search with a partial UDID.”

Heimerl also reinforces the fact that organizations should realize the immediate threat and ensure that their systems are properly protected.

“Organizations need to continue understanding that they are being targeted, and need to protect their information with appropriate due care. These are not just words. ‘Good practice’ and ‘due care’ should mean something about the way you run your security program,” he explained.


1,331 hits
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


Anonymous Group Holds Data on 12 Million iPhones, iPads and Their Owners, from the FBI
Anonymous Insists 12 Million UDIDs Were Stolen from the FBI, Not BlueToad
FBI Denies It's the Source of the Anonymous iPhone Data Leak
Credit Card Details of 13 US Officials Leaked in Response to Barrett Brown’s Arrest
South African Police Site Breached by Domainer Hackers

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use